package com.itao.controller;


import javax.annotation.Resource;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;

import com.itao.dao.AccountDao;
import com.itao.model.Account;



/**
 * @ClassName: CommonController
 * @Description:
 */
@Controller
public class CommonController {
	
	@Resource
	private AccountDao accountDao;
	
	@RequestMapping(value="/login")
	public String login(Model model, Integer error){
		if(error!=null && error ==1)
			model.addAttribute("msg", "登陆失败，请确认输入正确的用户名和密码");
		return "login";
	}
	
	@RequestMapping(value="/user/{account}")
	public String getUser(@PathVariable String account, Model model){
		Account user = accountDao.findByCol("account", account);
		user.setPassword("123456");
		model.addAttribute("account", user);
		return "user";
	}
	
	@RequestMapping(value="/getSecUser")
	public String getSecUser(Model model){
		UserDetails user = (UserDetails)SecurityContextHolder.getContext().getAuthentication().getPrincipal();
		model.addAttribute("secUser", user);
		return "login";
	}
	
	@RequestMapping(value="/success")
	@PreAuthorize("hasPermission('ROLE_USER')")
	public String testsuc(){
		System.out.println("==============suc=======");
		return "login";
	}
	
	@RequestMapping(value="/deny")
	@PreAuthorize("hasPermission('deny')")
	public String deny(){
		System.out.println("===========deny==========");
		return "login";
	}
}
